Denial Of Service Attacks On RIAA & MPAA Are A Really Dumb Idea

from the come-on dept

There's an entertainment industry lawyer who once used his blog to suggest that I had an "army of hackers" at my disposal that I would order to send a denial of service attack against anyone I disagreed with. I thought that was pretty funny in how ridiculous a claim it was. Beyond the fact that I can barely get my dog to follow my instructions (and I feed her!), let alone anyone who reads this site, I think that denial of service attacks are a pretty dumb idea. It does nothing but piss off people and doesn't make any real point at all. So it's really disappointing to hear that the /b/ folks at 4chan decided to use this weekend to DDoS the MPAA and then the RIAA. The thing with /b/ is that even at their most crude and immature, they're usually creative in their attacks. There's nothing at all creative about taking down the MPAA and the RIAA -- and all it does is serve to reinforce their misguided prejudices that it's just a bunch unruly kids who dislike them. On top of that, it gives them more ammo to position themselves as being persecuted by a small minority. It's a dumb move that looks bad and does a lot more harm than good from a group that should know better.

You left out that the attack included the firm in India who claimed to have carried out the exact same style of attacks on behalf of these 2 companies on websites not willing to bow down to their demands.

Re:

I thought that the attack was initially going to be limited to that firm in India doing DDoS attacks on behalf of **AA, but that site went down before the /b/ attacks even started thanks to some folks with real botnets at their disposal.

Then the RIAA/MPAA takedown was passed around to essentially give them something to do.

Re:

I thought that the attack was initially going to be limited to that firm in India doing DDoS attacks on behalf of **AA, but that site went down before the /b/ attacks even started thanks to some folks with real botnets at their disposal.

Then the RIAA/MPAA takedown was passed around to essentially give them something to do.

Re:

This.

The **AAs are engaging in DDoS against sites like the Pirate Bay, and this is sending them a clear message in response. They are outnumbered.

What would you detractors propose as a method to fight the industry's DDoS attacks? Just sitting back and complaining on a blog a little more? Some of you have been doing that for a decade now, and note that it hasn't accomplished a hell of a lot.

The RIAA, MPAA, et al need to be taught that they can be fought on their own ground.

It probably has more to do with that average citizen being so powerless to anything against such a well-funded, government-friendly organization. But they could have been a lot more creative. They didn't even do it during the week when people are actually working.

I dunno, I got to say that the fact that the first target was a company who admitted to using ddos attacks against sites and effectively on behalf of MPAA and RIAA, it seems to me that many would feel that turnabout is fair play.
Although they can only feel that way if they are given that information in the first place.
If you make it look like it was naughty juvenile geeks just picking random authority targets then that will naturally be the story,
a pity when it could have been large companies using criminal methods to shut down websites they don't like got their backsides well and truly spanked.

Re:

"it seems to me that many would feel that turnabout is fair play."

While I agree with MM that a DDOS attack is the wrong approach, I do agree that the MSM will never mention that the MPAA started it. In light of the fact that the MPAA started it, retaliation is fair play, but unfortunately everyone else is held to a higher standard than big corporations that control the government. and I do believe that we should hold ourselves to a higher standard and set a good example for everyone to follow so that people can see that it is the big corporations and the MSM that are nefarious and that those questioning them are more than overly tolerant (fair play doesn't make something the right approach). I think that would be a better long term approach than to counter attack with a DDOS. But if the MSM does focus on it, hopefully more people will be smart enough to see past what the MSM merely tells them and actually research and discover the fact that the MPAA started it. This possibility might make the MSM ignore the issue altogether. However, unfortunately, even if the MSM doesn't ignore it they will only be one sided and most people will only see one side of the issue and either way the politicians will only see one side.

If politicians decide to start arresting people for this I predict it won't do much to curtail these attacks. If anything, it could even make them worse. Things could get very interesting from there and there is no telling what could happen.

Re: Re:

Oh, come on. That's like arguing the Massachusetts militiamen at Lexington and Concorde should claim the moral high ground by coming out from behind the rocks, putting on bright red uniforms, and marching in parade ground formation.

We're fighting an enemy that controls an increasingly absolutist state, in an environment where the very idea of democratically challenging its control of the state is a sick joke.

If everyone played by "the rules" (rules set by the people we're fighting), we'd eventually wind up in the totalitarian society Stallman described in "The Right to Read."

@14

parking ones car sideways in the wy of a parking lot entrance
IS NOT vandalism as nothing was damaged just as in this case nothing was damaged ONLY there ability to get there lies and crap out to the public

we have allowed you for ten + years to try and solve these morons only to have them continue to harm the greater societal mantra.

NO LONGER.

so #14 you consider it vandalism when a group of environmentalists block a road to stop logging?
YOU consider it vandalism when protesters gather and block off a road?

YOU sir need your head re examined
and i will say it.
if your not with us you are against us. THE time for being nice has ended.

Re: Re: @14

Re: @14

"THE time for being nice has ended."

Actually, I agree with you here. It's high time to start dipping our feet in the water of actual rebellious actions.

That said, /b/, or whoever this actually was, would do themselves a favor by figuring out a way to get an actual public message out to go along with their "attack". Doing this on the weekend, and going with the relatively benign DDoS style attack, makes the purpose of this "attack" clear. It wasn't an attack at all. It was a warning shot across the bow, letting these people know that they aren't the only ones on the high seas with cannons.

My problem is that 99% of people who hear about this aren't going to know WHY it happened. If they did, they'd see the story in a different light....

Re: Re: @14

Actually, I agree with you here. It's high time to start dipping our feet in the water of actual rebellious actions.

DDOS is a really good tool if you want to get people involved in a protest:
1) anyone with a computer and internet access can participate
2) it doesn't require much actual skill, once the vulnerability has been identified. you just download the script and run it.
3) with thousands or millions of hosts around the globe it makes it very difficult to determine who was accessing the site legitimately and who was part of the protest.
4) with thousands or millions of hosts around the globe it makes it very difficult, if not impossible to stop such an attack.

Re: Re: @14

Re: @14

"we have allowed you for ten + years to try and solve these morons only to have them continue to harm the greater societal mantra."

What time frame is that? From the time you started caring until now? Get some perspective, your arrogance is frightful.

"YOU consider it vandalism when protesters gather and block off a road?"

I'd consider it manslaughter if they flooded the road so that one person died due to lack of access. You have no way of knowing what effect a denial of service attack may have as collateral damage; for all you know the websites share a pipe with a doctors surgery. An unlikely scenario but not as much of a stretch as comparing a denial of service attack over the internet to blocking a road. The people blocking a road are at least there in person to take responsibility for their actions.

"YOU sir need your head re examined
and i will say it.
if your not with us you are against us. THE time for being nice has ended."

You try to justify denial of service attacks as being harmless. I hope routers become sentient and drop all of your packets out of disgust.

Re: @14

Get off your high horse because their cause is not so noble,
they are not protesting logging or the parole release of a serial rapist. They're protesting that they have the right too steal Intellectual copyrighted material and distributing it illegaly, giving it away. Who's going too pay $200 million for a strait to utube movie? You maight as well ask for free money.

If U want free music, sing to yourself.
If U want a free movie, go to a school play, kids are funny.
If U want free software, learn to program.
If U want a free game, remember sports or what your toes
look like?
And if you want free pornography, girl + camera = :)

My 2 cents: I think you guys are on the same side on this, with different techniques, and you shouldn't fight.

Having said that, I agree with Mike on the DDOS not being the best weapon against RIAA and friends. I mean, the power of those groups is AFK, that's why they hate the internet. Who visits their sites anyway? They serve absolutely no purpose, and people wouldn't notice if they went offline completely. But the RIAA will then bitch and whine on them being poor victims of the anarchy of the internet. And they will make it easier for paid-for congress people to pass absurd laws. Flood the congress... DDOS'ing RIAA makes no sense. Attacks from /b/ are always interesting to watch, DDOS are not interesting at all.

Last, I think this is a good teaching moment. The original fight with Ebaums was on uncredited use of images from /b/. Remixing is important to the internet and should not be a problem, as it is for the RIAA&MPAA. Fighting Ebaums is fun and should continue, but images from anon are by definition uncredited, and Ebaums is not important (or fun) enough to deserve the attention it has from /b.

Re:

"My 2 cents: I think you guys are on the same side on this, with different techniques, and you shouldn't fight. "

Having one thing in common does not make a good argument for agreeing with something else. I have no qualms about infringing copyright, that's my choice. I'd not expect Mike or anyone else to cut me any slack just because we both disagree with the current system.

Re: OR...

I was thinking if they really wanted to make a difference they should DDOS a relevant govt website (maybe ohttp://www.copyright.gov/ ). Doing so at least directs the attack to the appropriate organization (the govt) and which site receives the attack somewhat serves the purpose of somewhat communicating what the attackers are mad about. For instance, attacking the USPTO website could serve the purpose of saying, "we don't like patents" or "we don't like our current patent laws." Attacking www.copyright.gov at least directs their anger against copyright law. Still, I think such an approach isn't the right one regardless. For one thing it doesn't express what is wrong with copyright law (perhaps they can place messages in the packets, messages that the MSM will merely ignore of course).

At least these attacks show some level of organized protest, which is better than not being organized, but it's not exactly the approach I was hoping for. I want to see something more along the lines of a whole lot more people marching to congress and the white house and demanding that our legislators fix our laws. Or we need to find more creative ways to manage our govt and not let the corporations completely control it.

Re: Re:

Re: Re: Re:

"uneducated, unruly kids" who are able to crash websites and wreak havok with near impunity. I'd hate to see what educated ones could do.

While I don't like DDOS attacks I can understand their position here. RIAA and MPAA lie and cheat and bribe and bully and, above all, they get away with it. The frustration with them is enormous and the temptation to respond with attacks like this is entirely understandable.

Its the general attitude, expected and confirmed.

At least these attacks show some level of organized protest, which is better than not being organized, but it's not exactly the approach I was hoping for

A DDoS is not or does not have to be 'organized' it can be a single person, (called the 'botmaster') controlling a bot net. Yes, all his computers in his botnet are organized but it certainly can be, and often is a single person behind it.

as for damage, yes, it will do far more damage than good. making the attacked marters to the cause..

this is ofcourse playing right into their hands, even to the point that claiming a DDoS would benifit them.

And promoting their attack helps them as well. and shows the attitude of those who oppose their views.

Is it possible, I wonder, to hack a site so that instead of any link to it taking visitors to that site, they get redirected to another page instead - in this case, one addressing the reason for the redirect and the issues at hand? Because that seems like it might be a more effective "virtual picket" as it were.

Also, how long can a DDoS be maintained? And what would happen if a coordinated, simultaneous attack were made upon sites like copyright.gov and the USPTO site as well as the major record label, movie studio, RIAA, MPAA and other MAFIAA sites and maintained for a long period of time? Or a redirect as I mentioned above? Not just for a weekend, but continuously, day after day, month after month.

Ha!

"In my many years I have come to a conclusion that one
useless man is a shame, two is a law firm and three or
more is a congress." -- John Adams

The above statement pretty much says it all! I started laughing when I read the word "lawyer"! If a lawyer is involved expect anything to take twice as long, cost four times the original budget and meet half of less of the original requirements!

Re:

"And Mike, who's to say a DDoS attack had no real effect? They got you to write about it, didn't they? They got a lot of folks to cover it:"

Mike said point, not effect. Regardless, was that the first and only idea they managed to come up with to generate press? I'm confident that you can generate better press in less stupid ways even if you really don't have anything constructive to say.

"Just because folks like yourself fail to quantify its effects in a nice paragraphs post the morning after, doesn't mean it was worthless, or all for nothing."

What was it worth? For the few sites that covered this and didn't cover the original story of the anti pirate outfit DoS attacking, I can't imagine that the coverage was a good thing.

Just my $.02 worth

I have to play devil's advocate here on a few things, and for the record I'm not taking sides i this, just some observations.

From the comments I've been reading it seems like the consensus is that the DDoS attacks were "ok" because it was against the RIAA and MPAA. My first question is, when does it stop being "OK", when it's against something that you support, or is it not what you do but who you do it to that matters?

Secondly, am I the only person that can see a day come when /b/ and 4chan are deemed to be "domestic cyber terrorists" due to their actions? Not that I would want this, far from it, but I can see something like it being done.

Personally, I think if given a message with the actions, it's a valid form of protest, but I always think of what the repercussions would be.

Re: Just my $.02 worth

"From the comments I've been reading it seems like the consensus is that the DDoS attacks were "ok" because it was against the RIAA and MPAA."

If anyone thinks that then it would seem to be more because of the 'reap what you sow' angle than general hatred for the targets. Why anyone sane enough to hate the RIAA and MPAA would want to stoop to their level is beyond me.

DDOS attacks are not the answer. This can only lead to the escalation of the "war". "We" shoot them with DDOS attacks, and they hit back with "cyber-terrorism" legislation.

Who wins in the end? They are the one with the law on their side and can claim the moral high-ground. Worse, they can shoot back with their own DDOS attacks against anyone they disagree with (EFF, FSF, CC, TPB, etc) under the pretext of enforcing the law and protecting their interests.

"I think that denial of service attacks are a pretty dumb idea. It does nothing but piss off people and doesn't make any real point at all."

We gotta take these bastards. Now we could do it with conventional weapons that could take years and cost millions of lives. No, I think we have to go all out. I think that this situation absolutely requires a really futile and stupid gesture be done on somebody's part.

Amazed by the BBC

I'm quite amazed to say this but the BBC appears to have accurately reported this story. They haven't just said that 4Chan have attacked the RIAA and MPAA, they've explained that it is in retaliation.

Even better this is one of the most read stories on the BBC News site which suggests that a great many people will have seen the this surprisingly unbiased piece of news and seen that the RIAA and MPAA have reaped what they have sown.

If you look at the links on the bottom of the article it also seems certain other MSM news provisers have not just taken the industry line but explained it is about protest and not just spite.

the anti piracy groups hack them selfs and dos attack also they should of been sued years ago for invasion of privacy with thier spyware and virus's they pack on every p2p network its all about greed now that the economy isnt as good people actually have to work back when napster was around no one could care a less what was downloaded online or shared now all the sudden they make a big deal about it and try shutting everyone down why cant the internet just be free like linux why do people have to charge for music dont they make enough from concerts music should be free you dont own sound no one does god made sound how can these companys think they own sound its stupid if people didnt download songs they would record them from the radio or tv or copy cds or tapes or even make thier own music no one is paying nothing for them expecially for modern music that most of it isnt good anyway who wants to buy a cd with songs that suck just cause one has a ok beat or better yet who wants to buy cds of bands you have not even heard cause they dont play them on the local radio when you can download them and see if you like them first we all know that the musicians are not hurting they can go perform a concert any day and sell out they dont need cd sales to make a living